Hi
Just looking to see what our community is currently using for recovering internet history and what tools y'all have in the locker.
Currently I have IEF v6.3 as the main one and rarely use anything else these days, but I have used HstEx and NetAnalysis in the past.
I was going to submit a poll but would probably then miss out on a few options
Thanks
Internet Examiner® Toolkit
http//
Belkasoft Evidence Center
http//
Thanks for replying Igor.
I have Belkasoft too, haven't used it too much recently.
Time to dust off that dongle )
Time to dust off that dongle )
LOL
Novunix,
I've used NetAnalysis w/ HstEx since 2006 and have always been happy with the results. The tool has very good supporting documentation as well and the developer has always been quick to respond to any questions that I had.
Regards,
Jesse
Novunix,
I've used NetAnalysis w/ HstEx since 2006 and have always been happy with the results. The tool has very good supporting documentation as well and the developer has always been quick to respond to any questions that I had.
Regards,
Jesse
NetAnalysis is a good (and relatively cheap) tool, but it has somewhat fallen behind the times. Maybe v2 will change things ..?
IEF is pretty much the swiss army knife of Internet Artefact recovery tools right now. It does come at a price - but it is pretty much head and shoulders above the competition in my opinion.
I use both NetAnalysis/HstEx and IEF to extract Internet history. The extracted records are imported into MS Access and I run custom SQL query scripts to identify relevant evidence.
I use IEF predominantly, HstEx used to be the tool of choice 3 years ago, however since the advent of Sqlite databases for Internet Browsers it has lagged behind other tools.
I have had excellent results using Passmark's OSForensics (http//
A. OSForensics is only $499.00
B. The recent activity visual timeline function is very useful to analyze browsing history
C. There is a sqlite database viewer built in
I also use Autopsy (The Sleuthkit) (http//
The biggest factor will be your budget as we all know, but I would say that IEF and the NetAnalysis/HstEx tools are the most comprehensive. We use them both in our lab.
IEF has a nicer interface and breaks down many different types of internet artifacts which is its strength. NetAnalysis doesn't do comprehensive artifacts. If we are just parsing internet history records (with associated attachments and metadata) then we have found NetAnalysis does that much better. Also, as stated before, all you have to do is convert the output to MS Access format and you can bring the power of queries to bear which can do a lot for you.
Hope the community continues to provide some more helpful information for you.
Good luck!